Zimbs Valetex
The PlatformOverviewMethods & StandardsEngine409A ValuationASC 820 ValuationCap TableView all services
AboutInsightContact

Security & Deployment

Enterprise-grade protection for your valuation data

Zimbs Valetex is built on a zero-trust security architecture with AES-256 encryption, tenant-isolated engagement data, role-based access, and a comprehensive audit trail — delivered as Cloud SaaS or on-premise inside your own network.

Explore the platform

AES-256 at rest & in transitTenant-isolated engagement dataCloud SaaS or on-premise

How we protect your data

Security built into every layer of the platform

Encryption everywhere

All data is encrypted in transit (TLS 1.2 or higher) and at rest (AES-256 at the volume level), with encryption keys held in a dedicated, managed key-management service (KMS).

Identity & access control

Enterprise SSO via Azure AD federated identity, role- and permission-based access control (RBAC), and MFA required for administrative access — least-privilege by default.

Tenant isolation

Multi-tenant data isolation at the database layer keeps every client's engagement data separate, with reporting-type isolation across 409A, ASC 820, and ASC 718 work.

Audit trail & integrity

Every assumption, weight, and override is logged with a timestamp and reason. Finalization is irreversible by design, with soft-delete history for a complete, reviewable record.

Zero-trust architecture

Continuous monitoring, automated threat detection, and multi-layered access controls protect the confidentiality, availability, and processing integrity of your data.

Data sovereignty

Run multi-tenant Cloud SaaS, or deploy on-premise inside your own network so no client data ever leaves your perimeter — the same platform, your choice of boundary.

Controls at a glance

Enterprise controls, enabled by default

  • Enterprise SSO (Azure AD federated identity)
  • Role- and permission-based access control
  • Tenant-isolated engagement data
  • Reporting-type isolation (409A / ASC 820 / 718)
  • AES-256 encryption at rest and in transit
  • MFA required for administrative access
  • Comprehensive audit log with soft-delete history
  • Continuous monitoring & automated threat detection

Deployment

Your data, on your terms

Choose the boundary that fits your firm — fully hosted, or entirely inside your own network. The analytical result is identical either way.

Cloud SaaS

We host; your team logs in. Tenant-isolated data, encryption managed for you, and continuous security and methodology updates.

On-premise

Runs inside your own network for full data sovereignty — no client data leaves your perimeter, with versioned, reviewable releases.

Talk through your security requirements

Book a walkthrough and we'll cover encryption, access control, tenant isolation, and Cloud-vs-on-premise deployment for your team.

Contact us